June 19, 2024 2 min read


Fact-checked by Velimir Velichkov

FTC Seeks Response from MGM Resorts in Cyberattack Case

The Commission filed a petition seeking an order that would require the operator to respond to its investigation of the cyberattack dating back to September 2023

Last autumn, MGM Resorts, the leading gaming, entertainment and hospitality giant, became a victim of a cyberattack. Hackers were able to disrupt the operator’s business leading to missing amenities and other inconveniences for the guests in a move that ultimately resulted in $100 million in lost EBITDA for the company.

An investigation attempt was made by the Federal Trade Commission (FTC) in light of the data security breach. MGM responded to the legal matter by trying to block the probe in April, after filing a Complaint for Declaratory and Injunctive Relief against the FTC and its chair, Lina Khan.

In the latest chapter of the legal fight, the FTC filed a petition with Nevada’s District Court. The legal claim is after receiving a court order that would require MGM to submit a response to FTC’s civil investigative demand (CID). In case the court issues such an order, the Commission would seek a response from MGM within 10 days, as announced in a recently released report by the Las Vegas Review-Journal.

Moreover, the FTC explained that in order to conduct its investigation thoroughly it seeks judicial enforcement. “The FTC respectfully asks this court to issue an order requiring MGM to appear and show cause why it should not comply with the CID and thereafter grant the FTC’s petition and enter an order compelling MGM to produce the documents and information specified in the CID,” reads the recently filed petition.

The Cyberattack from Last Year Isn’t the First One for MGM

Supporting its request, the Commission outlined that MGM has been subject to security incidents on a couple of occasions. Prior to the most recent cyberattack from September 2023, the operator was also impacted by a security breach in 2019. The aforementioned data security incidents are a prime reason why the FTC needs to conduct its investigation, the Commission wrote to the court.

A spokesperson for MGM, who was quoted by the Las Vegas Review-Journal, explained that the company followed government guidance and rejected paying ransom to the hackers responsible for the cyberattack. The representative also said that MGM collaborated with law enforcement in light of the cyberattack.

The unprecedented data breach brought another class action lawsuit against MGM. The legal challenge, filed by the personal injury law firm, THE702FIRM Injury Attorneys, alleges that the access of hackers to the company’s systems caused damage to the operator’s loyalty program members.


Jerome is a welcome new addition to the Gambling News team, bringing years of journalistic experience within the iGaming sector. His interest in the industry begun after he graduated from college where he played in regular local poker tournaments which eventually lead to exposure towards the growing popularity of online poker and casino rooms. Jerome now puts all the knowledge he's accrued to fuel his passion for journalism, providing our team with the latest scoops online.

Leave a Reply

Your email address will not be published. Required fields are marked *